US9774618B2ActiveUtilityA1

Methods, systems, and computer readable media for assessing attack vulnerability of radio access network equipment

78
Assignee: IXIAPriority: Dec 30, 2015Filed: Dec 30, 2015Granted: Sep 26, 2017
Est. expiryDec 30, 2035(~9.5 yrs left)· nominal 20-yr term from priority
H04B 17/3912H04W 24/06H04W 88/08H04L 63/1458H04L 63/1433H04B 17/0085H04W 88/02H04W 12/12H04W 12/125H04W 12/128H04W 12/126H04W 12/122
78
PatentIndex Score
6
Cited by
9
References
17
Claims

Abstract

The subject matter described herein relates to methods, systems, and computer readable media for assessing attack vulnerability of radio access network equipment. One method for assessing the attack vulnerability of a radio access network device includes emulating at least one good UE. The method further includes emulating at least one bad UE. The method further includes transmitting traffic from the emulated good and bad UEs to a non-simulated radio access network device under test. The method further includes monitoring a response of the radio access network device under test to the emulated good UEs. The method further includes generating output indicative of attack vulnerability of the device under test.

Claims

exact text as granted — not AI-modified
What is claimed is: 
     
       1. A method for evaluating the attack vulnerability of a radio access network device under test, the method comprising:
 at a network equipment test device:
 emulating at least one good user equipment (UE); 
 emulating at least one bad UE, wherein emulating at least one bad UE includes emulating a UE with a modified radio resource control layer that causes the emulated bad UE to repeatedly generate attach requests to the device under test; 
 transmitting traffic from the emulated good and bad UEs to a real radio access network device under test; 
 monitoring a response of the real radio access network device under test to the emulated good UEs; and 
 generating output indicative of attack vulnerability of the device under test, wherein generating output indicative of attack vulnerability of the device under test includes generating output indicative of a number or percentage of the emulated good UEs that are denied entry to the network during generation of the attach requests. 
 
 
     
     
       2. The method of  claim 1  wherein emulating at least one good UE includes emulating a UE that attaches to the network, requests bandwidth, and utilizes the requested bandwidth. 
     
     
       3. The method of  claim 1  wherein emulating at least one bad UE includes emulating a plurality of UEs that attach to the radio access network device under test and initiate data downloads and wherein generating output indicative of attack vulnerability includes generating output indicative of network resources available to the at least one good UE during the data downloads. 
     
     
       4. The method of  claim 1  wherein emulating at least one bad UE includes emulating a UE with an application configured to generate an attack on the device under test. 
     
     
       5. The method of  claim 1  wherein generating output indicative of attack vulnerability of the radio access network device under test includes generating an indication of bandwidth available to the at least one good UE before or after emulation of the at least one emulated bad UE and during the emulation of the at least one bad UE. 
     
     
       6. The method of  claim 1  wherein the radio access network device under test comprises an eNode B. 
     
     
       7. The method of  claim 1  wherein generating output indicative of attack vulnerability includes generating output indicative of calls dropped by the radio access network device under test or of degradation in voice call quality during an attack. 
     
     
       8. A method for evaluating the attack vulnerability of a radio access network device under test, the method comprising:
 at a network equipment test device:
 emulating at least one good user equipment (UE); 
 emulating at least one bad UE, wherein emulating at least one bad UE includes utilizing the at least one bad UE to implement a reservation-based attack on the device under test and wherein utilizing the at least one bad UE to emulate a reservation-based attack includes repeatedly sending bandwidth reservation requests to the device under test without using at least some bandwidth granted in response to previous requests; 
 transmitting traffic from the emulated good and bad UEs to a real radio access network device under test; 
 monitoring a response of the real radio access network device under test to the emulated good UEs; and 
 generating output indicative of attack vulnerability of the device under test. 
 
 
     
     
       9. A system for evaluating the attack vulnerability of a radio access network device under test, the system comprising:
 a network equipment test device, including:
 a good UE emulator for emulating at least one good user equipment (UE); 
 a bad UE emulator for emulating at least one bad UE, wherein the at least one emulated bad UE includes a modified radio resource control layer that causes the at least one emulated bad UE repeatedly generates attach requests to the device under test, wherein the network equipment test device transmits traffic from the emulated good and bad UEs to a real radio access network device under test; and 
 an attack vulnerability assessment module for monitoring a response of the real radio access network device under test to the emulated good and generating output indicative of attack vulnerability of the device under test, wherein the attack vulnerability assessment module generates output indicative of a number or percentage of the emulated good UEs that are denied entry to the network during generation of the attach requests. 
 
 
     
     
       10. The system of  claim 9  wherein the at least one emulated good UE attaches to the network, requests bandwidth, and utilizes the requested bandwidth. 
     
     
       11. A system for evaluating the attack vulnerability of a radio access network device under test, the system comprising:
 a network equipment test device, including:
 a good UE emulator for emulating at least one good user equipment (UE); 
 a bad UE emulator for emulating at least one bad UE, wherein the at least one emulated bad UE implements a reservation-based attack on the device under test, wherein the reservation-based attack includes repeatedly sending bandwidth reservation requests to the device under test without using at least some bandwidth granted in response to previous requests, and wherein the network equipment test device transmits traffic from the emulated good and bad UEs to a real radio access network device under test; and 
 an attack vulnerability assessment module for monitoring a response of the real radio access network device under test to the emulated good and generating output indicative of attack vulnerability of the device under test. 
 
 
     
     
       12. The system of  claim 9  wherein the bad UE emulator emulates a plurality of UEs that attach to the radio access network device under test and initiate data downloads and wherein the attack vulnerability assessment module generates output indicative of network resources available to the at least one good UE during the data downloads. 
     
     
       13. The system of  claim 9  wherein the bad UE emulator emulates a UE with an application configured to generate an attack on the device under test. 
     
     
       14. The system of  claim 9  wherein the attack vulnerability assessment module generates an indication of bandwidth available to the at least one good UE before or after emulation of the at least one bad UE and during the emulation of the at least one bad UE. 
     
     
       15. The system of  claim 9  wherein the radio access network device under test comprises an eNode B. 
     
     
       16. The system of  claim 9  wherein the attack vulnerability assessment module generates output indicative of calls dropped by the radio access network device under test or of degradation in voice call quality during an attack. 
     
     
       17. A non-transitory computer readable medium having stored thereon executable instructions that when executed by a processor of a computer control the computer to platform steps comprising:
 at a network equipment test device:
 emulating at least one good user equipment (UE); 
 emulating at least one bad UE, wherein emulating at least one bad UE includes emulating a UE with a modified radio resource control layer that causes the emulated bad UE to repeatedly generate attach requests to the device under test; 
 transmitting traffic from the emulated good and bad UEs to a real radio access network device under test; 
 monitoring a response of the real radio access network device under test to the emulated good UEs; and 
 generating output indicative of attack vulnerability of the device under test, wherein generating output indicative of attack vulnerability of the device under test includes generating output indicative of a number or percentage of the emulated good UEs that are denied entry to the network during generation of the attach requests.

Cited by (0)

No later patents cite this yet.

References (0)

No backward citations on record.